
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Ofllcc 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Atexandm. Virginia 223 1 3- 1 4S0 
www.uspio.gov 



I ATTORNEY DOCKET NO. | CONFIRMATION NO. 



APPLICATION NO. 



FILING DATE 



RRST NAMED INVENTOR 



09/532,050 



03/21/2000 



7590 02/03/2004 

Larry S Nixon 

Nixon & Vanderhye PC 

11 00 North Glebe Road 8th Floor 

Arlington, VA 22201-4714 



Danny M. Nessett 



922-88 



6821 



EXAMINER 



SIMITOSICI, MICHAEL J 



ART UNIT 



PAPER NUMBER 



2134 

DATE MAILED: 02/03/2004 



2^ 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



Office Action Summary 



Application No.^ 

09/532,050 



Examiner 

Michael J SimitoskI 



Applicant(s) 

NESSETT ET AL 



Art Unit 

2134 



" The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- tf the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- tf NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

^)M Responsive to communication(s) filecJ on 21 March 2000 . 
2a)n This action is FINAL. 2b)M This action is non-final. 

3) 0 Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Expa/te Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) M Claim(s) li6 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) 13 Claim(s) 1,2 and 4-6 is/are rejected. 

7) 13 Claim(s) 3 is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) K The specification is objected to by the Examiner^ 

10)13 The drawing(s) filed on 21 March 2000 is/are: a)n accepted or b)M objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing{s) is objected to. See 37 CFR 1 .121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or fonm PTO-1 52. 
Priority under 35 U.S.C. §§119 and 120 

12) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C, § 119(a)-(d) or (f). 

a)nAII b)n Some*c)n None of: 

1 .□ Certified copies of the priority documents have been received. 

2.n Certified copies of the priority documents have been received in Application No. . 

30 Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17,2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

13) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application) 

since a specific reference was included in the first sentence of the specification or in an Application Data Sheet. 
37 CFR 1.78. 

a) □ The translation of the foreign language provisional application has been received. 

14) 0 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 since a specific 

reference was included in the first sentence of the specification or in an Application Data Sheet. 37 CFR 



Attachment(s) 

1) ^ Notice of References Cited (PTO-892) 

2) n Notice of Draflsperson's Patent Drawing Review (PTO-948) 

3) n Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 



jWRIGHT 

4) □ Interview Summary fPToBfWNI^Hy tBI^ MINE R 

5) □ Notice of Informal Patent Application (PTO-1 52) 

6) □ Other: 
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DETAILED ACTION 

1 . Claims 1 -6 are pending. 

Drawings 

2. The drawings are objected to under 37 CFR 1.83(a). The drawings must show every 
feature of the invention specified in the claims. Therefore, the step (d) in claim 1 (sending a 
communication from the device to the management system) must be shown or the feature(s) 
canceled from the claim(s). No new matter should be entered. 

A proposed drawing correction or corrected drawings are required in reply to the Office 
action to avoid abandonment of the application. The objection to the drawings will not be held 
in abeyance. 

Specification 

3. The disclosure is objected to because of the following informalities: 

a. On page 4, line 8, "There various" should be replaced with "There are various". 
Appropriate correction is required. 

Claim Rejections - 35 USC §103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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5. Claims 1, 5 & 6 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
"Authentication for DHCP Messages" (INTERNET DRAFT) by Arbaugh et al. (Arbaugh) in 
view of U.S. Patent 5,708,780 to Levergood et al. (Levergood), in further view of Applied 
Cryptography, Second Edition by Schneier. 

Regarding claim 1, Arbaugh discloses communicating identification information/cHent-id 
of the device/host/client to a management system/server (see page 12, Appendix A), installing a 
device/host (see page 1, Abstract), obtaining from a protocol address administrator/server a 
protocol address/IP address for said device/host (see page 1, §1), sending a 
communication/(client identifier, subnet address) from the device/client to the management 
system/server (see page 12, Appendix A), conducting a key agreement protocol 
exchange/generation between said device/client and said management system/server to establish 
a set of encryption keys/ AT (see page 6, §5,4 & page 12, Appendix A) and using said set of 
encryption keys to provide authentication by said device/client and said management 
system/server (see page 6, §5.4 & pages 8-9, §6), associating, within the management 
system/server, said identification information/client identifier and the protocol address/subnet 
address of the device and communicating from said management system/server to said 
administrator/server a message including said identification information and said protocol 
address (see page 12, Appendix A). Note that, as the reference teaches a server which acts as 
both the management system and administrator, it is inherent that the associated information is 
sent from the management system to the administrator. Arbaugh lacks associating the time with 
the identification information and protocol address. However, Levergood teaches a server that 
controls and monitors access (see col. 3, lines 1-43), that logs access attempts with information 
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such as client IP address, current time and URL, which contains the user identifier (see col. 6, 
lines 50-67 & col. 8, lines 1-13) to be able to determine the frequency of accesses to a server (see 
col 8, lines 14-26). Therefore, it would have been obvious to one having ordinary skill in the art 
at the time the invention was made to associate the transaction time, protocol address and 
identification information in the management system. One of ordinary skill in the art would have 
been motivated to perform such a modification to be able to determine the frequency of access 
attempts, as taught by Levergood (see col. 3, hnes 1-43, col. 6, lines 50-67 & col. 8, lines 1-26). 
Arbaugh, as modified above, lacks mutual authentication and lacks sending a communication 
from the device to the management system (step d). However, Schneier teaches that 
authentication using pubUc key cryptography is useful when Alice/client does not trust the 
host/server (see page 54), and hence, both parties want to authenticate each other. Therefore, it 
would have been obvious to one having ordinary skill in the art at the time the invention was 
made to perform mutual authentication between the device/client and management 
system/server. One of ordinary skill in the art would have been motivated to perform such a 
modification to allow both entities to trust each other, as taught by Schneier (see page 54). 

Regarding claims 5 & 6, Arbaugh lacks a revealed encryption key and a manufactured 
encryption key related to the revealed encryption key. However, Schneier teaches that 
authentication using pubhc key cryptography, using a private and public key pair, is useful when 
Alice/client does not trust the host/server (see page 54). Therefore, it would have been obvious 
to one having ordinary skill in the art at the time the invention was made to perform mutual 
authentication between the device/client and management system/server and to send a 
revealed/public encryption key which is related to a key/manufactured encryption key stored in 
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the device. One of ordinary skill in the art would have been motivated to perform such a 
modification to allow both entities to trust each other, as taught by Schneier (see page 54). 

6. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Arbaugh in view 
Levergood and Schneier, as applied to claim 1, in further view of U.S. Patent 6,393,565 to 
Lockhart et al. (Lockhart). Arbaugh, as modified above, lacks producing further encryption keys 
for subsequent communications between said management system and said device. However, 
Lockhart teaches that it is known in the art to generate additional keys to protect a system should 
a key compromise occur (see col. 1, lines 13-34). Therefore, it would have been obvious to one 
having ordinary skill in the art at the time the invention was made to produce further encryption 
keys for subsequent communications between said management system and said device. One of 
ordinary skill in the art would have been motivated to perform such a modification because it is 
known to generate additional keys, possible to protect a system in the event of key compromise, 
as taught by Lockhart (see col. 1, lines 13-34). 

7. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Arbaugh in view 
Levergood and Schneier, as applied to claim 1, in further view of U.S. Patent 6,058,420 to 
Davies. Arbaugh, as modified above, lacks periodically sweeping through all addresses 
available to said management system and comparing said addresses with addresses of devices 
compiled by means of step f However, Davies teaches a network monitoring architecture that 
polls IP addresses (col. 14, lines 8-25) and compares the responses to a Hst of polled 
addresses/interfaces (see col. 11, lines 47-65), gaining multiple of advantages such as 
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extensibility, parallel capabilities and optimized efficiency (see col. 4, lines 12-42). Therefore, it 
would have been obvious to one having ordinary skill in the art at the time the invention was 
made to periodically sweep through all addresses available to said management system and 
compare said addresses with addresses of devices compiled by means of step (f). One of 
ordinary skill in the art would have been motivated to perform such a modification to gain the 
benefits of extensibility, parallel capabilities and optimized efficiency, as taught by Davies (see 
col. 4, lines 12-42, col. 11, lines 47-65 & col. 14, lines 8-25). 

Allowable Subject Matter 

8. Claim 3 is objected to as being dependent upon a rejected base claim, but would be 
allowable if rewritten in independent form including all of the limitations of the base claim and 
any intervening claims. 

9. The following is a statement of reasons for the indication of allowable subject matter: 

Regarding claim 3, the prior art relied upon fails to teach sending a device a reset 
key enabling reiteration of a key agreement protocol exchange corresponding to step (e). 

Conclusion 

10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Michael J. Simitoski whose telephone number is (703)305-8191. 
The examiner can normally be reached on Monday - Thursday, 8:00 a.m. - 5:30 p.m.. The 
examiner can also be reached on alternate Fridays from 8:00 a.m. - 4:30 p.m. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse can be reached on (703)308-4789. 

Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks 
Washington, DC 20231 
Or faxed to: 

(703)746-7239 (for formal communications intended for entry) 

Or: 

(703)746-7240 (for informal or draft communications, please label "PROPOSED" 
or "DRAFT") 

Hand-delivered responses should be brought to Crystal Park II, 2121 Crystal Drive, 
Arlington, VA 22202, Fourth Floor (Receptionist). 

Any inquiry of a general nature or relating to the status of this application or proceeding should 
be directed to the receptionist whose telephone number is (703) 305-9000. 





12 January 2004 



